functions.sh
contains some functions that help you extract the sites js/html content from a HAR file & unminify it also contains a function to extract any source maps if present.
Intended Workflow:
- open devtools
- check "Preserve Log" & "Disable Cache" in network tab
- crawl the site manually
- hit the "Export HAR" button when done crawling
- than run the unhar function like this
unhar www.redacted.com.har
- if there are sourcemaps also run
srcmap www.redacted.com.har
- Go to the
Dev Tools > Sources > Override
and add the extracted folder from the HAR file - Now refresh the page with Dev Tools open and all your dynamic analysis tools will report unminified stacktraces.
Dependencies:
go install github.com/tomnomnom/unfurl@latest
npm install -g js-beutify
npm install -g html-beutify
go install github.com/denandz/sourcemapper@latest
page_monitor.sh
takes a list of urls as input, starts a headless chrome browser, navigates to each url and generates a HAR file for each one, it than extracts each HAR file into a local git repository, detects and notifies if any of the following has changed since the last invocation of the script:
- status code
- page title
- the md5 of all the javascript files concatinated into one stream
Dependencies:
- git
- google-chrome
- jq
- chrome-har-capturer
- notify
- unfurl
postMessage-tracker
this is Frans Rosen's extension with a few changes, original here.
Changes:
- Logs message content (not just message handlers) to webhook
- Filters postMessage handlers registered by extensions
- Filters postMessages in the console coming from the following extensions
- DOMInvador
- DOMLogger++
- Wappalyzer
- UntrustedTypes
- syntax highlighting
- removes stacktrace lines that come from stack frames of this extension
hashChange-tracker
just a rip off of postMessage-tracker but for hashchange event
iframe-tracker
just a rip off of postMessage-tracker but for tracking and revealing iframes